Hybrid working leaves IT departments scrambling to shield against ‘destructive’ firmware attacks

Remote working brought in a lot more firmware headaches to the IT

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

As the workforce becomes more distributed, the dynamics around firmware security and how IT teams handle it is changing, a new report fromHPWolf Security says, adding that IT departments are facing an uphill battle.

Firmware is essentially software, but built directly into the hardware. It doesn’t require anoperating system, drivers, or APIs. Instead, it’s the firmware that guides the device as it executes its tasks and communicates with other devices.

The poll of 1,100 IT leaders discovered that for more than eight-in-ten (83%), firmware attacks against laptops and PCs are now a significant threat. Furthermore, for three-quarters (76%), firmware attacks againstprintersare also a major threat.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Shadow IT

The same report also states that managing firmware became harder, and is now taking longer, which is also creating security gaps. For two-thirds (67%) of respondents protecting, detecting, and recovering from firmware attacks has become harder and longer, all due to remote working being the norm.

As a result, four in five worry about being able to respond toendpointfirmware attacks.

Adding insult to injury is the fact that for many organizations, device security is not always front and center, HP further found. Many organizations, the report states, are still using technology without baked-in security. What’s more, employees are constantly engaged in Shadow IT (using gear and software that wasn’t approved of, by the IT), especially when working remotely.

These are the best patch management tools around>Your HP printer could be facing the risk of a serious cyberattack>Beware - your old router could be putting you at risk of cyberattack

In fact, 68% of office workers that purchased devices to support remote work said they weren’t paying much attention to security. Almost half (43%) did not call the IT department to have their new gear set up.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

For Dr. Ian Pratt, Global Head of Security for Personal Systems at HP, firmware attacks are extremely disruptive as they’re harder to detect and remediate, compared to traditionalviruses, ormalware.

“This increases the cost and complexity of remediation considerably, particularly in hybrid environments where devices are not on site for IT teams to access. Having more endpoints sitting outside of the protection of the corporate network also reduces visibility and increases exposure to attacks coming in via unsecured networks,” Pratt concluded.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

I review TVs for a living and this record-low price on the Hisense U8N is one of the best early Black Friday deals I’ve seen